Phishing site detection

Detecting phishing sites in real time is important to narrow the window of opportunity for fraudsters to collect victims’ personal and financial information and prevent the malicious use of stolen credentials to commit fraud downstream.

Problem overview

Over 90% of all cyber attacks start with some form of phishing via email, text message or phone call. While phishing attempts used to be easy to spot due to multiple spelling errors and poor grammar, fraudsters now have access to AI tools such as ChatGPT to help them craft well-written messages capable of tricking even the savviest users. With tools at their hands to make phishing more effective and believable, the pool of potential victims is greater, and fraudsters can harvest more credentials for use later in account takeover, social engineering scams, and other fraud attacks.

Using device intelligence, BioCatch Phishing Site Detection can identify when a victim has been redirected to a phishing website and the associated rogue URLs of those sites. Providing real-time alerts and reporting, BioCatch helps fraud teams act quickly to shut down phishing sites and minimize the damage to potential victims. Alerts and reports can also be shared with other systems or a third-party service, offering a critical intelligence feed for early detection of phishing sites.

What happens two weeks after a phishing attack

30 %

Percentage of banking sessions that had login attempts far from the known location of the genuine user

23 %

Percentage of phishing victims who had a high-risk payment flagged on
their account

15 %

Percentage of banking sessions that had signs of remote access detected

Winning the RAT Race: How Banks Can Get Ahead of Remote Access Attacks and Account Takeover

Successful phishing can lead to much more severe fraud types such as impersonation scams involving remote access tools. While the use of Remote Access Tools (RATs) in the perpetration of financial crime is not a new threat, they continue to pose significant challenges to Fraud Fighters. Access the white paper to learn about the common and emerging fraud methods that leverage RATs, where legacy fraud controls are falling short, and how Behavioral Biometrics intelligence can provide the additional visibility banks need to prevent these attacks.

Additional account takeover
use cases

Remote access attacks

Legacy fraud prevention controls have limited or no ability to detect remote access attacks. When a RAT is present on a user’s device, the bank’s systems detect a genuine device fingerprint, with no traces of proxy, code injections, or malware, and with the proper IP and geo-location.

Credential stuffing

Most organizations have bot mitigation controls in place to detect credential stuffing and other automated attacks. To circumvent these controls, fraudsters have started to abuse legitimate open banking platform providers to test batches of credentials and reverted to testing smaller, more frequent batches instead of testing at scale.

SIM swapping

Financial fraud involving SIM swapping is growing in several regions around the world. Not all cases of stolen device fraud require a SIM swap. In these cases, often carried out by highly organized criminal gangs, fraudsters use password engineering to unlock the device.

Solutions

Solutions by Role

BioCatch Connect

Frameworks

Resources

Company